database-management
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): Strong instructional language like 'MANDATORY' is used to enforce architectural patterns and best practices rather than attempting to bypass safety filters or override system constraints.
- [Data Exposure & Exfiltration] (SAFE): The skill uses local SQLite storage (app.db). No network requests, hardcoded credentials, or sensitive path access were detected.
- [Indirect Prompt Injection] (LOW): While the skill defines functions that process user data (database queries), it provides mandatory guidance on boundary markers (parameterized queries) to prevent injection attacks.
- Ingestion points:
db_query,db_execute, anddb_insertindatabase.py. - Boundary markers: Explicitly mandates use of
?placeholders and tuple parameters. - Capability inventory: File system access for SQLite database creation/modification.
- Sanitization: Relies on the standard library
sqlite3parameterization mechanism. - [Unverifiable Dependencies] (SAFE): The skill relies solely on the Python standard library (
sqlite3,typing) and does not attempt to install external packages or execute remote scripts.
Audit Metadata